Re: [CentOS] securing centos 5.2 for public usage

Am 18.09.2010 12:08, schrieb Roland RoLaNd:

Dear all,

i Just finished setting up an apache service on a centos 5.2 VM machine.

i need to secure this machine as i'm soon to be setting a public IP over it where i'd be opening up the following services:

1. http
2. https
3. ssh

Things i've done so far:

1. stopped root ssh access in sshd.conf
2. tried configuring PAM so i get a more secure ssh passwords (dictionary wise) as well as tried setting up a 2 times authentication failure for the account to be disabled for 12 hours (i couldnl't succeed in setting this up)
3. disabled port forwarding (to deny outsiders to tunnel through the server inside my network) couldn't succeed with this either.

Any help or advice would be greatly appreciated..

thanks,

--Roland

First of all, you should really update to CentOS 5.5 plus all the additional package updates.

And then, there is a nice wiki page

http://wiki.centos.org/HowTos/OS_Protection

with lots of helpful information about your topic. Read it carefully, and you will find a link to

http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

with further tips to secure your system.

Alexander